Call ProtocolConfirmation in SNMP only if we saw a response SNMP packet

2025-10-11 11:08:20 +00:00 · 2016-03-17 14:25:15 -05:00 · 2016-03-17 14:25:15 -05:00 · d731cb9a18
commit d731cb9a18
parent f4141bde6d
1 changed files with 3 additions and 1 deletions
--- a/src/analyzer/protocol/snmp/snmp-analyzer.pac
+++ b/src/analyzer/protocol/snmp/snmp-analyzer.pac
@ -373,10 +373,12 @@ refine connection SNMP_Conn += {

 	function proc_header(rec: Header): bool
 		%{
+		if ( ! ${rec.is_orig} )
+			bro_analyzer()->ProtocolConfirmation();
+ 
 		if ( rec->unknown() )
 			return false;

-		bro_analyzer()->ProtocolConfirmation();
 		return true;
 		%}